home.aspx
 
. https://www.infoworld.com/article/3356473/2-security-tricks-your-cloud-provider-wont-tell-you.html
blog article
2 SECURITY TRICKS YOUR CLOUD PROVIDER WON’T TELL YOU
Cloudops (cloud operations) and secops (security operations) are quickly evolving practices. While I’m seeing some errors, what’s more common is that ops teams are leaving important things out. If these missing aspects are not addressed, secops will become problematic quickly.Here are two secops omissions that you can deal with today, even though your public cloud provider won’t tell you about, won’t be on any certification, and is typically widely misunderstood. Both secops and govops (governance operations) need to be proactive, meaning that they need to adjust based on changing threats in the case of secops, and changing policies in the case of govops.The reality is that secops and govops are not effective without each other because govops needs to understand what secops is doing for it to actively adjust policies around security threats, and voice versa.Let’s say that many failed login attempts are noticed on a group of provisioned virtual servers in production running on a public cloud provider. The secops approach would be to lock out that offending IP address automatically, and that’s that. DAVID LINTHICUM READ MORE